Difference between revisions of "Primary IT Infrastructure"

From HackRVA
Jump to: navigation, search
(Enclosures)
(Wireless SSID List)
(5 intermediate revisions by the same user not shown)
Line 37: Line 37:
  
 
== Network Topology ==
 
== Network Topology ==
=== VLANs ===
+
===Layer 2 and Layer 3===
 +
==== VLANs (802.1q tags) ====
 
At HackRVA we have a segmented network using vlans for segregation of traffic.
 
At HackRVA we have a segmented network using vlans for segregation of traffic.
 
*VLAN-1 is the management network, and houses the management end-points for primary services.
 
*VLAN-1 is the management network, and houses the management end-points for primary services.
Line 43: Line 44:
 
*VLAN-200 is the vlan for hackrva-wireless, and is the vlan which you will be assigned to, if access the hackrva-wireless ssid.
 
*VLAN-200 is the vlan for hackrva-wireless, and is the vlan which you will be assigned to, if access the hackrva-wireless ssid.
 
*VLAN-300 is the vlan for all wired network infrastructure, and is also the vlan for network services such as email, and dns, as well as network printers.
 
*VLAN-300 is the vlan for all wired network infrastructure, and is also the vlan for network services such as email, and dns, as well as network printers.
===Address Space (IPv4)===
+
===TCP/IP Layer and 802.1q label assignment===
 +
====Address Space (IPv4)====
 
At HackRVA we have subneting that is assigned to specific vlans.
 
At HackRVA we have subneting that is assigned to specific vlans.
 
*VLAN-1 is on subnet 192.168.10.0/24
 
*VLAN-1 is on subnet 192.168.10.0/24
Line 50: Line 52:
 
*VLAN-300 is on subnet 192.168.30.0/24
 
*VLAN-300 is on subnet 192.168.30.0/24
  
===Address Space (IPv6)===
+
====Address Space (IPv6)====
 
HackRVA does not currently utilize IPv6 address space.
 
HackRVA does not currently utilize IPv6 address space.
 +
 +
==== Wireless SSID List====
 +
At Hackrva, we utilize three ssids for specific access to services, which is relevant for different types of users.
 +
*hackrva-wireless (vlan-200) <br>  -General access to internet services only
 +
*hackrva-lan(vlan-300) <br>
 +
:-This is used for member access to all services within Hackrva's internal network. <br>
 +
:-If a peripheral device is connected to the Layer 3 network, and hence connected on vlan-300, then this device will only be accessible via wireless on hackrva-lan ssid.<br>
 +
*hackrva-admin:(vlan-1) <br> -Used for management purposes, when connecting via the wireless network layer.
 +
 
==Network Services==
 
==Network Services==
 
===Domain Name Services (dns)===
 
===Domain Name Services (dns)===

Revision as of 08:09, 20 June 2014

Please check back with this page, as we are in the process of populating good information, relating to how to get the most out of your HackRVA data experience.


The primary network architecture

At HackRVA we utilize a switched network with vlans and VoIP support. We have a dedicated smart-switch, a router and a Virtulization Server which runs our web services, and groupware.

Network Devices

The HackRVA network is comprised of four primary network infrastructure devices.

CPE devices

MOTOROLA Surfboard Cable Modem

The previously used DOCSIS 3.0 cable modem used at the space was a MOTOROLA SB6120.
This device does not allow for provisioning of static IPv4 addresses, hence the use of the SMC Business Gateway for our current level of service.
MOTOROLA-SB6120.jpg

SMC Business Gateway

HackRVA uses comcast business class service with static IPv4 provisioned
The device provided for this service is the SMC Networks SMCD3GCCR business gateway.
The device provides a four port switch, for easy integration into our network architecture.
SMCD3GCCJR.JPG

Cisco RV180 VPN Router

The RV180 VLAN-enabled VPN SOHO router is the brains of the internal network architecture.
This device provides dhcp to clients on the internal LAN as well as NAT functionlaty for accessing the internet from behind the cable modem.
To understand what vlan capabilities are being used as the space, please reference the VLAN section, below.

RV180VPN Front-REAR.jpg

Ubiquiti Wireless AP

The wireless services are provided by a commerical-grade wireless access point.
The access point requires management software installed on a Windows computer, or Linux (with much more work).
Ubiquiti UniFi-AP.jpg

NetGear 24-port smart-switch

This device is referenced by Netgear as the GS724T-300 smart-switch.
This device is capable of vlan tagged ports, as well as port trunking.
NetGear-GS724Tv2.jpg

Network Topology

Layer 2 and Layer 3

VLANs (802.1q tags)

At HackRVA we have a segmented network using vlans for segregation of traffic.

  • VLAN-1 is the management network, and houses the management end-points for primary services.
  • VLAN-100 is the voip vlan, specifically intended to have all voip traffic.
  • VLAN-200 is the vlan for hackrva-wireless, and is the vlan which you will be assigned to, if access the hackrva-wireless ssid.
  • VLAN-300 is the vlan for all wired network infrastructure, and is also the vlan for network services such as email, and dns, as well as network printers.

TCP/IP Layer and 802.1q label assignment

Address Space (IPv4)

At HackRVA we have subneting that is assigned to specific vlans.

  • VLAN-1 is on subnet 192.168.10.0/24
  • VLAN-100 is on subnet 192.168.100.0/24
  • VLAN-200 is on subnet 192.168.200.0/24
  • VLAN-300 is on subnet 192.168.30.0/24

Address Space (IPv6)

HackRVA does not currently utilize IPv6 address space.

Wireless SSID List

At Hackrva, we utilize three ssids for specific access to services, which is relevant for different types of users.

  • hackrva-wireless (vlan-200)
    -General access to internet services only
  • hackrva-lan(vlan-300)
-This is used for member access to all services within Hackrva's internal network.
-If a peripheral device is connected to the Layer 3 network, and hence connected on vlan-300, then this device will only be accessible via wireless on hackrva-lan ssid.
  • hackrva-admin:(vlan-1)
    -Used for management purposes, when connecting via the wireless network layer.

Network Services

Domain Name Services (dns)

HackRVA currently hosts its own domain name services, or "DNS."
Authoritative dns services are supplied to the following domains.

hackrva.org

  • list
  • mail
  • www
  • zmail

hackrva.net

hackrva.us

hackrva.info

Dynamic Host Control Protocol (dhcp)

The dhcp services are managed by the RV180 VPN router.

Network Time Protocol (ntp)

File Transfer Protocol (ftp)

VoIP

www

EMail

VPN

Servers and Workstations

Enclosures

At HackRVA Labs, Inc. we have two racks, or "cabinets" in use.
One is a 36U full depth data server cabinet.

And the other is a Norco 9U network cabinet.
Norco-9u-enclosure.jpg

Computer Lab Systems